Hi, and thanks for your time.
Using vb.net
I'm new to .net, recently moved from classic asp!
I'm creating an intranet web application that needs to keep a log of user activity.
What I would have done in classic ASP is to store the user ID from my user table in any new records. Then I could drill down from that as needed. But now with .net and its incorporated security features, I dont see how this approach is going to work!
I have seen examples of getting the current user name, but nothing about a name based on a user ID, or even how to get a user ID.
Could someone point me in the right direction as to how I would go about doing this kind of thing in .net.
I'm using forms based security.
Sorry if it's a bit vague, I'm rubbish at explaining myself.
5  1575  Frinavale 9,735
Recognized Expert Moderator Expert
I'm not sure what you are doing.
Have you configured your site to use Forms Authentication with Membership?
If so, a Principal Object is created to represent your user when ASP.NET detects a request for your website. This Principal Object is used to determine if the user is privileged to access certain pages and resources. In your page's you can retrieve it from the HttpContext.Cur rent.User.Ident ity to determine what the user's name is.
Check out This Video about Membership.
Also, you should consider researching Forms Authentication, and Role Management so that you have a good idea of what happens during authentication and authorization.
-Frinny
Thanks Frinny. I found a really good set of articles hear, which has given some great examples of what can be done with regard to security. I also just took a look at the video link you provided. Very good, thanks. But...
... at the moment I'm more interested in being able to retrieve user information such as user name (not login name) and email address for example, but not necessarily for the currenty logged in user. I want to show details for users that may have made changes to the data!
Thanks
Tim
Frinavale 9,735
Recognized Expert Moderator Expert
What do you mean not 'not necessarily for the currently logged in user"?
If you are looking to display the history of data, you need to store that history somewhere. Store it in a Database, or XML file, or where ever you want to. When you want to display the data's history, retrieve the history from where it has been stored...
What exactly are you having problems with??
when a user saves a comment to an enquiry record in the database, I want to save a reference(prima ry key?) to that user along with it so that i know who did it. Obviously i wouldn't want to save the user name, telephone number and email address each time a user makes a comment.
So when i display a report that lists changes made to the database I need to be able to get the user name and email etc based on the user reference I saved.
Somthing like:
GetUserInfo("Ti mV").Email ....would return 'timv@whatever. com'
GetUserInfo("Bo b").Telephone.. ..would return '0898 444444'
And to make things worse, I will probably want to do this in a GridView... I'll cross that bridge when i come to it :)
Does that make a little more sence??
OK, I have made progress on this subject.
To retrieve sprecific user information (logged in or not): - Profile.GetProfile("Tim").FirstName
or - Membership.GetUser("Tim").Email
This has led me to a new problem. I will start a new thread for this... hope this helps someone ??
Sign in to post your reply or Sign up for a free account.
Similar topics | |
by: Anakim Border |
last post by:
App servers such as quixote, webware and skunkweb (just to name a
few) offer a clean environment to develop Python webapps. I have some
problems, however, understanding their security model.
My objective is to host webapps from different people on a single
Linux server; because of that, I want to be sure that one webapp
cannot interfere with another.
My first attempt at privilege separation went through users & groups.
Unfortunately...
|
by: lobrys |
last post by:
hi
I build a VB .NET application that makes file access, environnemet acess,
database access, etc....
If I ran the app locally, everything works....(normal)
If I copy the app on a server, and execute it, everything works until a
file/environnement/database access !.....
I just want that my app may run in every machine!
|
by: Tim Marshall |
last post by:
I have a problem in that users can't seem to access menu bars created by
a developer in the admins group. Details are as follows:
I'm following the MS Access Secirty FAQ version 2.41 and I can't seem to
find an answer to the following problem in an A97 FE on a Oracle
database (Pretty sure Oracle has nothing to do with this, but thought
I'd mention it).
My users are members of one of three groups (plus there is the admins
group of...
|
by: Mike Marriott |
last post by:
Hello all,
Newbie Here (please go easy, you cant make me fell more stupid than I
allready do)
I have a small, but complex data base, in Access 2000, that I am
creating, I have allready starting to add data to it. Alot of data
(around 30 hours work, creating and entering data).
I did a stupid thing, I protected the thing. . . . Using the Security
|
by: Patrick Blackman |
last post by:
Hi, need some info on implementing a multiuser winforms application,
specifically managing user logins and user preferences & access rights. Are
there any frameworks out there for this. I don't want to use windows
identity system. Any pointers would be appreciated.
| | |
by: gundam.f0rtre55 |
last post by:
Hi everybody,
for a new release of our J2EE Webapplication, our customer wish to
allow the usage of bookmarklets. The application must be able to
register URLs with several protocol types, one of them is simply
"none", meaning that a user could register something like
"javascript:executeMyMethod();"
My question is about security: how safe/unsafe is the usage of
bookmarklets for a Webapplication? What are the security issues (if
|
by: SAL |
last post by:
Hello,
Currently, I'm using Visual Studio 2003, C#, Framework 1.1 and Enterprise
Library 2005 (for framework 1.1).
I've used the Enterprise Library Configuration utility to create my
connection to SQL Server, however when I run my C# program that calls a
Stored Procedure it fails. Here is what the ConnectionString block looks
like in my dataConfiguration.config file.
|
by: killbill |
last post by:
Hi All,
I am struggling with a problem, i want to add ActiveDirectory user to
Global Security Group using C# and DirectoryServices. Any suggestiion
???
Thanks.
|
by: at_the_gonq |
last post by:
Hello,
I am hoping to get some guidance on the following scenerio:
I have a password protected site where users have various
permissions. Are sessions the best way of storing the user's id? And
if so, on load of a page should I be hitting the database for their
permissions (based on the session stored user id), or should
everything I need be stored in session variables to save the trip to
the database? I have also wondered about...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
